Package org.forgerock.oauth2.core

Class ClientAuthenticator

java.lang.Object

org.forgerock.oauth2.core.ClientAuthenticator

@Singleton
public class ClientAuthenticator
extends Object

Authenticates OAuth2 clients by extracting the client's identifier and secret from the request.

Since:

12.0.0

Constructor Summary

Constructors

Constructor	Description
ClientAuthenticator(ClientRegistrationStore clientRegistrationStore, OAuth2AuditLogger auditLogger, RealmNormaliser realmNormaliser, ClientCredentialsReader clientCredentialsReader, ClientAuthenticationFailureFactory failureFactory)	Constructs a new ClientAuthenticatorImpl.

Method Summary

Modifier and Type	Method	Description
ClientRegistration	authenticate(OAuth2Request request, String endpoint)	Authenticates the client making the OAuth2 request by extracting the client's id and secret from the request and authenticating against the OAuth2 providers client registrations.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ClientAuthenticator

@Inject
public ClientAuthenticator(ClientRegistrationStore clientRegistrationStore,
                           OAuth2AuditLogger auditLogger,
                           RealmNormaliser realmNormaliser,
                           ClientCredentialsReader clientCredentialsReader,
                           ClientAuthenticationFailureFactory failureFactory)

Constructs a new ClientAuthenticatorImpl.

Parameters:

clientRegistrationStore - An instance of the ClientRegistrationStore.

auditLogger - An instance of the OAuth2AuditLogger.

realmNormaliser - An instance of the RealmNormaliser.

clientCredentialsReader - An instance of the ClientCredentialsReader.

failureFactory -

Method Detail

authenticate

public ClientRegistration authenticate(OAuth2Request request,
                                       String endpoint)
                                throws InvalidClientException,
                                       InvalidRequestException,
                                       NotFoundException

Authenticates the client making the OAuth2 request by extracting the client's id and secret from the request and authenticating against the OAuth2 providers client registrations.

Parameters:

request - The OAuth2Request. Must not be null.

endpoint - The endpoint being authenticated for.

Returns:

The client's registration.

Throws:

InvalidClientException - If either the request does not contain the client's id or the client fails to be authenticated.

InvalidRequestException - If the request is missing any required parameters or is otherwise malformed.

NotFoundException - If the realm does not have an OAuth 2.0 provider service.